To me, if you really want to make sure the person you pay is the person you think, you have to request for a signed bitcoin address.

Exemple:

- Alice: Hi, grondilu, I really like what you do and I would like to donate bitcoins to you.- grondilu: Ok, my bitcoin address is: 1LBEfZmRqtaH6KwGqt89uFm7dvdkiPdutC- fake-grondilu: Don't listen to this guy, Alice, I am the real grondilu and my bitcoin address is: 1PffXTH9o2Lg87d6Y5igEFPSbv6f1kE97U- Alice: I know grondilu's public key, so you guys sign your bitcoin address so I found out who is the real grondilu.- grondilu: Ok, here it is again:-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1

To me, if you really want to make sure the person you pay is the person you think, you have to request for a signed bitcoin address.

Here is why i'm progressively adding secured methods to verify the different parts of an identity on bictoin-contact : http://bitcoin-contact.org/identity/khal (verified addresses are with the green check, but i'm not satisfied with this display).